Applications Security Engineer
Company: VanderHouwen
Location: Hillsboro
Posted on: March 19, 2023
|
|
Job Description:
Applications Security Engineer
Our client is looking for an Application Security Engineer to
provide application security testing services to ensure consistent
secure software development practices. Our focus is on building a
DevSecOps culture working closely with our product and software
development teams. In this role, you will serve as an expert by
defining, supporting, and managing solutions that partner with
cloud operations and application development teams to deliver
business value for the company. This is a remote position and must
live in the following states: CA, OR, CO, ID, NV, AZ, WA, UT.
Applications Security Engineer Responsibilities:
Support continuous delivery of application vulnerability scanning,
remediation, and reporting across various platforms and
architectures.
Manage application vulnerabilities scanning tools (DAST, SAST, and
SCA) such as Veracode, SonarQube, and OWASP Dependency Checker.
Onboard applications into SAST, DAST, and SCA scanning
solutions.
Tune false positives and validate findings with our application
development teams.
Provide education on security practices or methodologies to resolve
vulnerabilities.
Develop, curate, and improve application security detections
(static and dynamic) to identify vulnerabilities at scale.
Partner with the application development function to support
streamlined, automated, and effective CI/CD pipeline security
testing.
Drive a culture of DevSecOps, creating reporting and self-service
capabilities to drive more ownership and accountability for
security across functional teams.
Demonstrate compliance with all bank regulations for assigned job
function and applies to designated job responsibilities - knowledge
may be gained through coursework and on-the- job training. Keeps up
to date on regulation changes.
Follows all Bank policies and procedures, compliance regulations,
and completes all required annual or job-specific training.
Maintain a working knowledge of Bank's written policies and
procedures regarding Bank Secrecy Act, Regulation CC, Regulation E,
Bank Security, and other regulations as applicable to this job
description.
Actively learns, demonstrates, and fosters the corporate culture in
all actions and words.
Takes personal initiative and is a positive example for others to
emulate.Applications Security Engineer Qualifications:
Bachelor's Degree in Computer Science, related field, or an
equivalent combination of education, training, and experience.
Required.
Working knowledge and experience with multiple security domains
(e.g., application security, vulnerability reduction, data
protection, encryption, logging and monitoring, network
security)
Subject Matter Expert (SME) experience with Secure Software
Development Life Cycle (SSDLC) (e.g. risk assessments, threat
modeling, static code analysis, code reviews and dynamic
application scanning).
Experience working with modern development practices (e.g. micro
services, containers, orchestration, continuous integration &
delivery pipelines).
Experience working in regulated industries leveraging information
security management frameworks and industry recognized best
practice / standards (e.g. FFIEC CAT, NIST, ISO, and PCI)
Demonstrated ability to resolve sensitive issues with other
departments and to present information to senior management.
Demonstrated analytical and problem-solving skills applied to both
technical and business challenges.
The ability to relate business requirements and risks to technology
implementation of security-related issues.
Knowledge of security monitoring, diagnostic and administrative
tools.
Ability to train and present to small and large audiences or has
the interest in learning to train and present.
Certifications a plus, i.e., CISSP, CCSP, CRISC, CISA. Benefits
Benefits are available to eligible VanderHouwen contractors and
include coverage for medical, dental, vision, life insurance, short
and long term disability, and matching 401k. About VanderHouwen
VanderHouwen is an award-winning, Women-Owned, WBENC certified
professional staffing firm. Founded in 1987, VanderHouwen has been
successfully placing experienced professionals throughout the
Pacific Northwest and nationwide. Our recruitment teams are highly
specialized in either Technology and IT, Engineering, or Accounting
and Finance career markets. Our recruiters value building
meaningful, professional relationships with each candidate as well
as developing honed knowledge of companies' staffing needs and
workplaces. Partner with us to land your next exciting career.
VanderHouwen is an Equal Opportunity Employer and participates in
E-Verify. VanderHouwen does not discriminate on the basis of race,
color, religion, sex, national origin, age, disability, or any
other characteristic protected by applicable local, state or
federal civil rights laws.Thank you for your interest in applying
for this position! Please fill out the fields below. Your profile
will be reviewed with the rest of the applicants.
Keywords: VanderHouwen, Hillsboro , Applications Security Engineer, Engineering , Hillsboro, Oregon
Click
here to apply!
|